Changeset 2364 in ExiteCMS for branches/PLi-Fusion/includes/secureimage-1.0.3/securimage.php

Timestamp:

07/29/10 17:16:11 (22 months ago)

Author:

root

Message:

merged trunk into branches PLi-Fusion and ITXP

File:

• branches/PLi-Fusion/includes/secureimage-1.0.3/securimage.php (modified) (14 diffs)

branches/PLi-Fusion/includes/secureimage-1.0.3/securimage.php

@@ -18 +18 @@
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA<br /><br />
- * 
- * Any modifications to the library should be indicated clearly in the source code 
+ *
+ * Any modifications to the library should be indicated clearly in the source code
  * to inform users that the changes are not a part of the original software.<br /><br />
  *
@@ -121 +121 @@
   var $charset = 'ABCDEFGHKLMNPRSTUVWYZ23456789';
   //var $charset = '0123456789';
-  
+
   /**
    * Create codes using this word list
@@ -128 +128 @@
    */
   var $wordlist_file = '';
-  
+
   /**
    * True to use a word list file instead of a random code
@@ -363 +363 @@
   var $audio_path = './audio/';
 
+  /**
+   * Captcha expiry timeout in seconds.
+   *
+   * @since 1.0.3
+   * @var string
+   */
+  var $timeout = 300;
+
+
 
   //END USER CONFIGURATION
@@ -423 +432 @@
       die('no session available!');
     }
-    
+
     // we use random colors to make it even more difficult
     $this->image_bg_color = $this->getHexColor();
@@ -445 +454 @@
     return $clr;
   }
-   
+
   /**
    * Generate a code and output the image to the browser.
@@ -693 +702 @@
   {
     $this->code = false;
-    
+
     if ($this->use_wordlist && is_readable($this->wordlist_file)) {
       $this->code = $this->readCodeFromFile();
     }
-    
+
     if ($this->code == false) {
       $this->code = $this->generateCode($this->code_length);
     }
-    
+
     $this->saveData();
   }
@@ -721 +730 @@
     return $code;
   }
-  
+
   /**
    * Reads a word list file to get a code
@@ -733 +742 @@
     $fp = @fopen($this->wordlist_file, 'r');
     if (!$fp) return false;
-    
+
     $fsize = filesize($this->wordlist_file);
     if ($fsize < 32) return false; // too small of a list to be effective
-    
+
     if ($fsize < 128) {
       $max = $fsize; // still pretty small but changes the range of seeking
@@ -742 +751 @@
       $max = 128;
     }
-    
+
     fseek($fp, rand(0, $fsize - $max), SEEK_SET);
     $data = fread($fp, 128); // read a random 128 bytes from file
     fclose($fp);
-    
+
     $start = strpos($data, "\n", rand(0, 100)) + 1; // random start position
     $end   = strpos($data, "\n", $start) - 1; // find end of word
-    
+
     return strtolower(substr($data, $start, $end - $start)); // return substring in 128 bytes
   }
@@ -822 +831 @@
   {
     $_SESSION['securimage_code_value'] = strtolower($this->code);
+    $_SESSION['securimage_code_timestamp'] = time();
   }
 
@@ -834 +844 @@
     if ( isset($_SESSION['securimage_code_value']) && !empty($_SESSION['securimage_code_value']) ) {
       if ( $_SESSION['securimage_code_value'] == strtolower(trim($this->code_entered)) ) {
-        $this->correct_code = true;
-        $_SESSION['securimage_code_value'] = '';
+        if (isset($_SESSION['securimage_code_timestamp']) && (time() - $_SESSION['securimage_code_timestamp']) < $this->timeout) {
+          $this->correct_code = true;
+          $_SESSION['securimage_code_value'] = '';
+        } else {
+          $this->correct_code = false;
+        }
       } else {
         $this->correct_code = false;
@@ -906 +920 @@
       $file['size']            = $data['ChunkSize'] + 8;
       $file['data']            = $body;
-      
+
       if ( ($p = strpos($file['data'], 'LIST')) !== false) {
         // If the LIST data is not at the end of the file, this will probably break your sound file
@@ -914 +928 @@
         $file['size'] = $file['size'] - (strlen($file['data']) - $p);
       }
-      
+
       $files[] = $file;
       $data    = null;